QUANTUMSTRAND beta 1 released: built for analysts to quickly understand *where* strings are, *what* they might be, and *how* important they are, without getting lost in a sea of undifferentiated text. Thanks @m_r_tz and the crew at @Mandiant FLARE github.com/mandiant/flare…
🛠️ FJTA update released (2025-08-18)! Changes include: ✅ No longer requires TSK 4.13.0 for XFS recognition ✅ Minor code refactoring 🔗 github.com/mnrkbys/fjta #DFIR #Linux
mac_apt v1.26.1 is here, now supports processing Velociraptor collections and compiled versions for macOS too. Many incremental updates and new plugins (we are at 52 plugins now!). github.com/ydkhatri/mac_a… #DFIR #macOS
🛠️ FJTA update released (2025-07-29)! Changes include: ✅ Improved parsing of XFS journal log records ✅ Enhanced handling of directory entries (ext4/XFS) ✅ Minor bug fixes 🔗 github.com/mnrkbys/fjta #DFIR #Linux
Introducing Phorion. A modern EDR platform purpose-built for macOS. Because security teams shouldn’t have to settle for Windows-first tools. 🛡️🍎 🧵
Found an interesting location storing wifi connect/disconnect information on #macos #DFIR swiftforensics.com/2025/01/new-wi…
There seemed to be enough interest so I decided to do a write up on what I have found about OneDrive Offline Mode. Hate to burn a forensic artifact but I’m concerned about what Microsoft feels is secure. #DFIR malwaremaloney.blogspot.com/2025/01/onedri…
My NTFS journal rewind script explained in this 13Cubed episode. Thanks @davisrichardg .
If you've had this problem (see pic), NTFS Journal REWIND solves it! New blog post + code. No more unknown paths. cybercx.com.au/blog/ntfs-usnj… #NTFS #DFIR
Windows Thumbnail caches are a mostly unused artifact. Did you know they can point to paths on external systems? (Yes path embedded in thumbcache file, not from win search db) Can be helpful when threat actors actively delete logs and other artifacts! #DFIR
🆕 mac_apt release v1.5.8 New modules, macOS 13 & RSR support, Python 3.10 compatibility, easier installation, bug fixes github.com/ydkhatri/mac_a… #DFIR #macOS
Hey #DFIR & #Malware community. A memory forensics case where you are required to analyze a memory dump of a Windows 10 system that has been hit with #Ransomware. Let the games begin. Please share! $100 bounty will be paid to whoever solves this case! ashemery.com/dfir.html#Memo…
Thanks for merging it @MarkBaggett. Excel output now has autowidth adjustment and auto filter applied, with frozen top row for easy analysis.
🛠️ Just released a new open-source utility: "DumpBTM" It can dump the persistence records of installed items (including persistent malware!) from macOS's proprietary BackgroundItems-v4.btm file. Read more: patreon.com/posts/77420730
ODL parser now updated to unobfuscate encrypted strings. MS had changed the format.. Short blog post sharing the details: swiftforensics.com/2022/11/readin… #DFIR
📌 Drivers abused by #Ransomware TA to kill AV/EDR's ▪ gdrv.sys (Gigabyte) > #RobinHood 9ab9f3b75a2eb87fafb1b7361be9dfb3 ▪ aswArPot.sys (Avast) > #CUBA and #AvosLocker a179c4093d05a3e1ee73f6ff07f994aa ▪ mhyprot2.sys (Genshin Impact) > #Rever 4b817d0e7714b9d43db43ae4a22a161e
The DFRWS APAC conference is happening *in-person* in Adelaide, Australia Sept 28-30, with the program virtual-friendly. Do join us for the second of what we aim to become a regular forum for the Asia-Pacific #DFIR practitioner and researcher community to connect.
In OneDrive, when a file is deleted that is not on the local filesystem, it is moved to the cloud recycle bin. This can be problematic during endpoint investigations. By incorporating ODL logs, we can find this data. Did Fred Rogers delete more than we were led to believe? #DFIR
So the first part of the blog post on OneDrive Logs (ODL) is finally posted, and so is the python script to parse it! 👇 swiftforensics.com/2022/02/readin… and github.com/ydkhatri/OneDr…
